CVE-2023-3864

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Aug 11, 2023
Updated: Aug 18, 2023

Summary

CVE-2023-3864 is a newly disclosed vulnerability affecting Snow Software's license manager service running on Windows. This blind SQL injection issue enables logged-in users with high privileges to inject malicious SQL commands via the web portal. Successful exploitation of this vulnerability could lead to unauthorized data access or modification within the affected database. Users are advised to apply the available patch as soon as possible to mitigate this risk. snow software license manager, CVE-2023-3864, SQL injection, vulnerability, patch, data access, data modification, high privileges.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share